Route Origin Authorization
$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS32519.roa
File: AS32519.roa (raw, json)
Hash identifier: UIjrn9Ow8DzyPMutExRs8MbkXplSkv517F956bX1+7k=
Subject key identifier: A6:6A:BC:89:E2:9A:2D:E1:2E:67:2D:6A:B6:4D:19:BC:79:09:2A:29
Certificate issuer: /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial: 336930CDDC09649C10BEDAEE0B1554719A9F6A9B
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access: rsync://rsync.rp.ki/repo/misakaio/2/AS32519.roa
Signing time: Wed 20 Dec 2023 21:30:10 +0000
ROA not before: Wed 20 Dec 2023 21:25:10 +0000
ROA not after: Wed 18 Dec 2024 21:30:10 +0000
asID: 32519
IP address blocks: 45.11.104.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:69:30:cd:dc:09:64:9c:10:be:da:ee:0b:15:54:71:9a:9f:6a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
Validity
Not Before: Dec 20 21:25:10 2023 GMT
Not After : Dec 18 21:30:10 2024 GMT
Subject: CN=A66ABC89E29A2DE12E672D6AB64D19BC79092A29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:be:16:bc:3b:79:65:0e:c5:1f:f9:c2:96:4b:
84:27:b9:48:83:11:11:67:9d:9d:bd:ca:6a:e1:cd:
85:b2:19:b9:17:a4:62:83:fd:fa:31:68:a2:e8:eb:
7a:8b:59:7d:35:1a:2e:75:93:4f:60:a7:25:9a:0f:
fb:dd:e9:db:50:5c:f6:47:b9:74:24:04:88:63:82:
25:88:1e:b1:fd:06:65:c6:98:1f:3e:95:33:ba:44:
1b:02:f7:1a:f3:94:47:b0:d2:53:9e:ac:e3:c5:0e:
e7:30:c7:21:59:60:44:f7:df:61:9a:1c:a1:5c:f6:
73:24:9c:66:71:1b:c1:36:bb:bb:6d:9c:81:15:f2:
b6:15:c2:aa:93:a3:89:28:94:d6:ae:80:21:8c:9f:
1a:63:cb:c8:a7:a3:f9:6c:b7:d7:ca:18:a0:a8:41:
02:ea:b4:3e:db:be:68:7d:ed:35:e4:84:ca:c1:a6:
24:32:aa:20:ae:75:05:26:8c:db:93:f4:b5:21:df:
71:75:1d:e1:44:47:60:1b:04:e4:9c:e0:0d:19:61:
e7:60:54:fc:50:2f:0a:17:1a:f0:ea:62:3c:b8:88:
8e:80:ec:35:af:69:fd:2c:52:5f:96:9e:aa:35:e1:
e6:7c:ff:d3:60:3f:3e:76:9b:8e:fd:70:a2:c8:73:
d3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6A:BC:89:E2:9A:2D:E1:2E:67:2D:6A:B6:4D:19:BC:79:09:2A:29
X509v3 Authority Key Identifier:
keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS32519.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.104.0/23
Signature Algorithm: sha256WithRSAEncryption
97:08:da:ab:39:ab:1b:c3:91:99:90:22:4e:19:e5:15:95:dd:
13:90:02:cf:d9:1e:95:f5:57:6e:87:5c:2e:a4:92:59:00:03:
f7:ac:60:ba:be:f5:35:5c:71:c5:32:b1:30:81:8c:eb:60:4c:
fb:3e:d0:15:fd:31:3d:15:ba:af:41:b2:a1:1a:23:49:71:88:
7c:a8:e2:a5:36:f8:73:8a:99:ce:d3:0c:d7:60:68:38:46:49:
40:32:48:50:65:61:e3:fc:55:03:36:1e:d9:30:16:7f:f1:77:
b3:bb:60:78:1b:66:d1:8c:e6:dd:6c:4c:53:13:1d:2a:52:07:
f6:9e:50:29:79:7b:4d:54:80:ac:88:1f:54:0d:f0:07:75:f9:
b2:96:a5:01:0f:99:9b:44:4c:f1:8f:c3:f4:ff:0d:ec:e4:14:
bf:f2:0c:64:bb:b8:df:c0:76:e3:6f:ea:68:25:15:7b:33:d4:
37:11:dc:fa:e5:42:60:13:46:7c:1b:62:ab:a0:07:94:28:39:
86:59:1d:59:0d:46:58:72:c8:ac:2e:32:71:d9:ea:c8:e9:47:
19:ba:5a:ac:22:03:1d:9f:c3:2e:a1:8e:ea:cc:3c:cb:c8:84:
1f:c2:32:e4:2e:66:1b:16:c0:0b:cd:3b:bb:58:0d:16:48:a0:
8f:8c:e2:61
-----BEGIN CERTIFICATE-----
MIIEmzCCA4OgAwIBAgIUM2kwzdwJZJwQvtruCxVUcZqfapswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMjAyMTI1MTBaFw0yNDEyMTgyMTMwMTBaMDMxMTAvBgNV
BAMTKEE2NkFCQzg5RTI5QTJERTEyRTY3MkQ2QUI2NEQxOUJDNzkwOTJBMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZvha8O3llDsUf+cKWS4QnuUiD
ERFnnZ29ymrhzYWyGbkXpGKD/foxaKLo63qLWX01Gi51k09gpyWaD/vd6dtQXPZH
uXQkBIhjgiWIHrH9BmXGmB8+lTO6RBsC9xrzlEew0lOerOPFDucwxyFZYET332Ga
HKFc9nMknGZxG8E2u7ttnIEV8rYVwqqTo4kolNaugCGMnxpjy8ino/lst9fKGKCo
QQLqtD7bvmh97TXkhMrBpiQyqiCudQUmjNuT9LUh33F1HeFER2AbBOSc4A0ZYedg
VPxQLwoXGvDqYjy4iI6A7DWvaf0sUl+Wnqo14eZ8/9NgPz52m479cKLIc9PTAgMB
AAGjggGlMIIBoTAdBgNVHQ4EFgQUpmq8ieKaLeEuZy1qtk0ZvHkJKikwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMzMjUxOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS0LaDANBgkq
hkiG9w0BAQsFAAOCAQEAlwjaqzmrG8ORmZAiThnlFZXdE5ACz9kelfVXbodcLqSS
WQAD96xgur71NVxxxTKxMIGM62BM+z7QFf0xPRW6r0GyoRojSXGIfKjipTb4c4qZ
ztMM12BoOEZJQDJIUGVh4/xVAzYe2TAWf/F3s7tgeBtm0Yzm3WxMUxMdKlIH9p5Q
KXl7TVSArIgfVA3wB3X5spalAQ+Zm0RM8Y/D9P8N7OQUv/IMZLu438B242/qaCUV
ezPUNxHc+uVCYBNGfBtiq6AHlCg5hlkdWQ1GWHLIrC4ycdnqyOlHGbparCIDHZ/D
LqGO6sw8y8iEH8Iy5C5mGxbAC807u1gNFkigj4ziYQ==
-----END CERTIFICATE-----
Generated at Sun May 19 10:59:18 2024 by rpki-client on console-fra.rpki-client.org